Software running within embedded systems is becoming larger and more complex, thereby increasing software attack surfaces. Conventional defenses provide protection, but fail when an attack disables or bypasses the defense.
Conventional security techniques for software integrity verification and policy enforcement are generally executed within the embedded system being protected. One example security technique performs a one-way hash operation and compares the resulting digest with a trusted reference. Another, more complex security technique uses a tamper detector that loads a program from nonvolatile memory, monitors the program's integrity with converters that obtain a value, and compares this obtained value with a trusted reference value. If the comparison fails, the tamper detector stops program execution.
The conventional security techniques are disadvantageous when an attack bypasses the embedded system's security. The embedded system cannot stop the attack because these conventional security techniques rely on the same embedded system being protected.
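The following is an added example, not part of the original text, that models the in-system hash-and-compare check described above and shows why its verdict depends on the system it protects. The `Device` class, its field names, the sample image and the choice of SHA-256 are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample image; any byte string stands in for the stored program.
FIRMWARE = b"\x7fELF-demo-firmware-v1" + bytes(range(64))

class HaltExecution(Exception):
    """Raised when the tamper detector stops program execution."""

class Device:
    """Hypothetical model: program, reference and detector share one system."""

    def __init__(self, image: bytes):
        self.nonvolatile = image                          # stored program
        self.reference = hashlib.sha256(image).digest()   # trusted reference digest
        self.detector_enabled = True                      # detector state, also on-device

    def verify(self) -> bool:
        # One-way hash of the stored program, compared in constant time.
        digest = hashlib.sha256(self.nonvolatile).digest()
        return hmac.compare_digest(digest, self.reference)

    def boot(self) -> str:
        # The detector can only stop execution if it actually runs.
        if self.detector_enabled and not self.verify():
            raise HaltExecution("digest mismatch: execution stopped")
        return "running"

def outcome(device: Device) -> str:
    try:
        return device.boot()
    except HaltExecution:
        return "halted"

def demo() -> dict:
    results = {}
    dev = Device(FIRMWARE)
    results["clean image"] = outcome(dev)
    dev.nonvolatile = FIRMWARE[:-1] + b"\x00"             # one byte altered
    results["modified image, detector active"] = outcome(dev)
    dev.detector_enabled = False                          # defense disabled in-system
    results["modified image, detector disabled"] = outcome(dev)
    return results

if __name__ == "__main__":
    for case, state in demo().items():
        print(f"{case}: {state}")
```

The third case reports "running" for a modified image, which is the limitation the text describes: the check is only as trustworthy as the system that executes it.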